SA-001: Unauthorized Access to Non-Volatile Memory

Vulnerability Type: Incorrect Access Control

Affected Product(s): NPCT75x TPM 1.2 with firmware version 7.4.0.0.

Fixed Product(s): Firmware version 7.4.0.1. Firmware updates are available from system OEMs.

Attack Type: Local

Impact: Information Disclosure, Modification of Data

Affected Components: Data in the TPM non-volatile memory

Attack Vector: Unauthorized access to non-volatile memory

Severity: Medium

Detailed Description:

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could gain unauthorized access to TPM non-volatile memory.

NOTE: Upgrading to firmware version 7.4.0.1 mitigates this vulnerability; however, version 7.4.0.1 is not TCG or Common Criteria (CC) certified (functionality-wise, there are no real differences between versions 7.4.0.0 and 7.4.0.1). Nuvoton recommends that users apply the NPCT75x TPM 1.2 firmware update.

CVE Identifier: CVE-2021-32015